Privacy policy
How we handle personal data on this marketing site. The ComplyTest CLI itself collects no telemetry.
1. Overview
ComplyTest is an open-source CLI that runs locally on the user's machine or CI runner. The CLI itself sends no telemetry, collects no analytics, and stores no personal data.
This policy covers data processing on the ComplyTest marketing website (complytest.com) only.
2. Data controller
The data controller for this website is the ComplyTest project maintainers, reachable at [email protected]. A representative for GDPR Article 27 inquiries is available on request.
- Email for data subject requests:
[email protected] - Postal: ComplyTest contributors, c/o open-source project mailbox.
- Complaints: see §7 below.
3. What we collect
We collect the minimum data necessary to operate the site:
- Server access logs. IP address, user agent, timestamp, path. Retained 14 days, used only for security and abuse investigation.
- Strictly necessary cookies. Cookie consent state itself (
ct_consent) — required by ePrivacy / GDPR to remember your choice. - Optional analytics cookies (off by default). Only set if you opt in via the consent banner.
We do not use Google Analytics, Meta Pixel, or any third-party advertising tracker. The CLI binary opens no network connection to ComplyTest infrastructure.
4. Legal basis
Server access logs rely on legitimate interest (Art 6(1)(f) GDPR) in security and abuse prevention. The strictly necessary consent cookie relies on the ePrivacy exemption — it is required to remember your consent choice. Analytics cookies, if any, rely on explicit opt-in consent (Art 6(1)(a) GDPR), revocable at any time via Cookie Preferences.
5. Your rights
Under GDPR, you have the right to access, rectify, erase, restrict, port, and object to processing of your personal data, and to withdraw consent at any time.
To exercise any of these rights, email [email protected]. We respond within 30 days as required by Art 12(3) GDPR.
6. Retention
Server logs: 14 days. Consent state: 12 months from last update or until cleared by the visitor. Optional analytics (if opted in): aggregated, no individual sessions retained beyond 30 days.
7. Complaints
If you believe we have processed your data unlawfully, you have the right to lodge a complaint with a supervisory authority — typically your country's Data Protection Authority. In the EU, find your authority at edpb.europa.eu.
You may also contact us directly first at [email protected]. We acknowledge complaints within 5 business days.